当前位置: X-MOL 学术Pervasive Mob. Comput. › 论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
ECCbAP: A secure ECC-based authentication protocol for IoT edge devices
Pervasive and Mobile Computing ( IF 4.3 ) Pub Date : 2020-06-20 , DOI: 10.1016/j.pmcj.2020.101194
Samad Rostampour , Masoumeh Safkhani , Ygal Bendavid , Nasour Bagheri

Despite continuous efforts, designing both a resource-efficient and secure authentication protocol for Internet of Things (IoT) edge devices is still a great challenge for the industry. To address these concerns, in this paper, we present a new and more efficient method of providing secure communication between IoT edge devices and cloud servers, using a secure Elliptic Curve Cryptography (ECC)-based authentication protocol — ECCbAP. First, we evaluate four existing secure authentication protocols and analyze their security level against traceability and man-in-the-middle attacks and prove their vulnerabilities. Next, we propose our new scheme and examine its security via both informal and formal methods, e.g. BAN logic and Scyther tool, against well-known IoT threats. The results show that not only does ECCbAP provides a greater security compared with other protocols evaluated in this paper, but it is also more resource-efficient, which renders it more appropriate for the constrained environment like Radio Frequency Identification (RFID) tags or Bluetooth Low Energy (BLE) sensors.



中文翻译:

ECCbAP:用于IoT边缘设备的基于ECC的安全身份验证协议

尽管做出了不懈的努力,但为物联网(IoT)边缘设备设计资源有效且安全的身份验证协议仍然是业界面临的巨大挑战。为了解决这些问题,在本文中,我们提出了一种新的,更有效的方法,即使用基于安全椭圆曲线密码学(ECC)的身份验证协议ECCbAP在IoT边缘设备和云服务器之间提供安全通信。首先,我们评估四种现有的安全身份验证协议,并针对可追溯性和中间人攻击分析其安全级别,并证明其漏洞。接下来,我们提出新方案,并通过非正式和正式方法(例如BAN逻辑和Scyther工具)检查其安全性,以应对众所周知的IoT威胁。结果表明,不仅与本文评估的其他协议相比,ECCbAP提供了更高的安全性,但是它还具有更高的资源效率,这使其更适合于射频识别(RFID)标签或低功耗蓝牙(BLE)传感器等受限环境。

更新日期:2020-06-20
down
wechat
bug